Frequently Asked Questions
What is penetration testing?
A penetration testing, also known as a “Pen Test” is a method for evaluating the effectiveness of an organization’s security controls. Testing is performed under controlled conditions, simulating scenarios representative of what a real attacker would attempt. When gaps are identified in a security control, a penetration test goes beyond basic vulnerability scanning to determine how an attacker would escalate access to sensitive information assets, confidential information, personally identifiable information (PII), financial data, intellectual property or any other sensitive information
How much of PCS Penetration Testing is Automated vs. Manual?
A question not enough people ask is how much of the testing is automated vs. manual. While automated tools are a brief step early in our process, a large majority of our testing is manual. The amount of manual work varies project-to-project, but around 95% of the pentest is hands-on.
What is the pricing and cost structure for A penetration test?
There is no universal price for a penetration test, if you are presented with a generic price, it should serve as a red flag not to proceed with that provider. PCS will provide a free consultation to understand your organization’s aims and objectives and determine a high-level threat model (to understand the full scope of work) before giving a quote.
What kind of reports can I get from PCS?
PCS provides an exhaustive set of reports in multiple forms. Executive reports are available that summarize the latest security posture of your application. Technical reports are, also, available with detailed explanations of findings and risks. All reports are useful for developers and admins to understand and fix the findings.
Why do I need penetration testing services?
A penetration testing provides significant value to the business. For the management team, it provides a benchmark of the target assets’ (e.g. an application, an organization or a network) risk levels and mitigation advice, that helps to prioritize risk remediation. For technical teams, it is a validation exercise of security controls in place and a learning exercise to avoid similar issues in future.
How often should I schedule penetration testing services?
In most cases, a penetration test is necessary annually or whenever there is a significant change to the system or application. Specific requirements may vary according to certain regulations and internal policies.
How long does it take to perform a penetration test?
The length of the penetration testing engagement depends on the type of testing, the type and number of systems and any engagement constraints. Typical engagements have an average testing time of 1 – 3 weeks.
Can a penetration test break my system?
If the penetration test is not properly planned and coordinated, it can be disruptive. This is why it is imperative that the planning is done properly, and comprehensively, to identify potential risks for disruption and adjust the approach accordingly.
Why should I use PCS?
PCS helps organizations defend against adversaries by being the best at simulating real-world, sophisticated adversaries with the products, services, and training we provide. We know how attackers think and operate, allowing us to help our customers better defend against the threats they face daily.
How we find the vulnerabilities that exist in your infrastructure
Offensive methodology
We test your digital assets for over hundreds of vulnerabilities.
Follow standard-based approaches
We follow standard-based approaches such as PTES, OWASP top 10, CWE/SANS top 25 etc.
Expert consultancy
We have very highly skilled security engineer team with us for end to end support.